An eUICC is a secure element (SE) for hosting profiles. A profile is a combination of operator data and applications provisioned on an eUICC in a wireless device for the purposes of providing services by an operator. A profile is also referred to herein as an electronic subscriber identity module (eSIM). A profile can contain secure data used to prove identity and thus verify contractual rights to access services. A universal integrated circuit card (UICC) is, in general, a removable SE, while an eUICC is, in general, a non-removable embedded SE.
A profile can be identified by a unique number referred to as an ICCID (Integrated Circuit Card Identifier). Profile management can include a combination of local and remote management operations, such as enabling a profile, disabling a profile, deleting a profile, and querying the profiles present on an eUICC. An operator is a company that provides wireless cellular network services. A mobile network operator (MNO) is an entity providing access capability and communication services to its subscribers through a mobile cellular wireless network infrastructure. An MNO may also be referred to as a service provider (SP). In some cases, a wireless device is user equipment used in conjunction with an eUICC to connect to a mobile network. In a machine-to-machine (M2M) environment, a wireless device may not be associated with a user and may lack a user interface. An end user is a person using a (consumer or enterprise) wireless device. An enabled profile can include files and/or applications that are selectable over an eUICC-device interface.
A network entity that provides profile packages is referred to as a subscription manager data preparation (SM-DP, or SM-DP+). An SM-DP may also be referred to as an eSIM server, a profile provider, or an eSIM vendor. An eSIM is an example of a profile. A profile package can be a personalized profile that uses an interoperable description format that is transmitted to an eUICC as a basis for loading and installing a profile. Profile data that is unique to a subscriber, e.g., a phone number or an International Mobile Subscriber Identity (IMSI), is personalization data. An SM-DP can communicate over an interface with an eUICC. Certificates used for authentication and confidentiality purposes can be generated by a trusted certificate issuer.
An eUICC includes an operating system, and the operating system can include an ability to provide authentication algorithms to network access applications associated with a given operator. The operating system also can include the ability to translate profile package data into an installed profile using a specific internal format of the eUICC. An ISD-P (issuer security domain-profile) can host a unique profile within an eUICC. An ECASD (embedded UICC controlling authority security domain) can provide secure storage of credentials needed to support security domains on an eUICC. A controlling authority security domain (CASD) may also be referred to as a “key store” herein. A security domain within the eUICC can contain an operator's over-the-air (OTA) keys and provide a secure OTA channel for secure communication between the eUICC and a network entity of the operator. OTA keys are credentials used by an operator for remote management of operator profiles on an eUICC.
Network device, eUICC, and profile interactions are described in GSM Association document GSMA SGP.22: “RSP Technical Specification” (hereinafter “SGP.22”). Some eUICC procedures are given in: i) “Smart Cards; Card Application Toolkit (CAT),” ETSI TS 102.223 (hereinafter “ETSI 102.223”) and ii) “Smart Cards; UICC-Terminal interface; Physical and logical characteristics,” ETSI TS 102.221 (hereinafter “ETSI 102.221”).
FIG. 1 illustrates a diagram 100 of a system in which an eSIM server 120 is in communication with a wireless device 101. The wireless device 101 includes an eUICC 105 and executes a local profile assistant (LPA) 110, external to the eUICC 105, to assist with profile loading to the eUICC 105. At event 101, the eSIM server 120 forms a package 102. At event 103, the package 102 is downloaded to the LPA 110. At event 106, the package 102 is installed in the eUICC 105. At event 107, the eUICC 105 processes the package 102. The package 102 includes a script of remote profile management (RPM) commands.
The system illustrated in FIG. 1 has several drawbacks. The eUICC 105 acts on the RPM commands in the script one by one. The eUICC 105 may stop execution of the script upon an execution error. Multiple RPM commands may result in multiple refresh commands, some of which are unnecessary. Unnecessary command processing increases a risk of error and halting execution. More details on refresh commands can be found in ETSI 102.223.
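The drawbacks described above (one-by-one execution, halting on an error, and repeated refreshes) can be seen in a small model. This is an added example, not code from the original document or from SGP.22. The `ToyEuicc` class, the rule that each enable or disable causes exactly one refresh, the rule that at most one profile is enabled at a time, and the `ICCID-*` strings are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class ToyEuicc:
    """Constructed model for illustration; not an SGP.22 implementation."""
    profiles: dict          # ICCID -> "enabled" | "disabled"
    refreshes: int = 0      # assumption: one refresh per enable/disable

    def apply(self, op, iccid):
        state = self.profiles.get(iccid)
        if state is None:
            raise ValueError(f"unknown ICCID {iccid}")
        if op == "enable":
            # assumption: at most one profile is enabled at a time
            if "enabled" in self.profiles.values():
                raise ValueError("another profile is enabled")
            self.profiles[iccid] = "enabled"
            self.refreshes += 1
        elif op == "disable":
            if state != "enabled":
                raise ValueError(f"{iccid} is not enabled")
            self.profiles[iccid] = "disabled"
            self.refreshes += 1
        elif op == "delete":
            if state == "enabled":
                raise ValueError(f"{iccid} is enabled")
            del self.profiles[iccid]
        else:
            raise ValueError(f"unsupported command {op}")

def run_script(euicc, script):
    """Act on commands one by one; stop at the first execution error.
    Returns (number of commands executed, error message or None)."""
    for index, (op, iccid) in enumerate(script):
        try:
            euicc.apply(op, iccid)
        except ValueError as exc:
            return index, str(exc)
    return len(script), None

def demo():
    # Constructed sample state and scripts.
    start = {"ICCID-A": "enabled", "ICCID-B": "disabled", "ICCID-C": "disabled"}
    chatty = ToyEuicc(dict(start))
    run_script(chatty, [("disable", "ICCID-A"), ("enable", "ICCID-B"),
                        ("disable", "ICCID-B"), ("enable", "ICCID-C")])
    halted = ToyEuicc(dict(start))
    done, err = run_script(halted, [("disable", "ICCID-A"), ("delete", "ICCID-X"),
                                    ("enable", "ICCID-B")])
    return chatty, halted, done, err
```

In the first script the model issues four refreshes, although disabling ICCID-A and enabling ICCID-C alone would reach the same final state with two. In the second script the halt after the first command leaves the model with no enabled profile.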